Hello. Thomas Mueller wrote: > Now I would like to upgrade to 2.6.35 or 2.6.36 if available soon. I saw > on the site for 2.3 that the policy is not compatible any more - but as I > can see from the syntax this should only be true for an automatic upgrade, > not for a manual upgrade? Please see http://tomoyo.sourceforge.jp/comparison.html . Regarding 2.6.31 -> 2.6.35 , allow_ioctl /path/to/file allow_chown /path/to/file allow_chgrp /path/to/file allow_chmod /path/to/file allow_mount /path/to/dir/ allow_unmount /path/to/dir/ allow_chroot /path/to/dir/ allow_pivot_root /path/to/dir/ /path/to/dir/ needs to be added to /sys/kernel/security/tomoyo/domain_policy . Thus, I think > What is the best way to do an upgrade now? For .35 I thought about: > - install newest 2.2 tools > - install new kernel > - set "use_profile 2" for all processes > - reboot with kernel .35 > - fix all issues because of new rights > - set "use_profile 3" for all processes > Does this work? will work. Regarding 2.6.31 -> 2.6.36 , allow_create /path/to/file => allow_create /path/to/file mode allow_mkdir /path/to/dir/ => allow_mkdir /path/to/dir/ mode allow_mkfifo /path/to/file => allow_mkfifo /path/to/file mode allow_mksock /path/to/file => allow_mksock /path/to/file mode allow_mkblock /path/to/file => allow_mkblock /path/to/file mode major minor allow_mkchar /path/to/file => allow_mkchar /path/to/file mode major minor allow_ioctl /path/to/file => allow_ioctl /path/to/file cmd allow_chmod /path/to/file => allow_chmod /path/to/file mode allow_chown /path/to/file => allow_chown /path/to/file uid allow_chgrp /path/to/file => allow_chgrp /path/to/file gid needs to be replaced in addition to changes in 2.6.31 -> 2.6.35 . As you can see, TOMOYO 2.3 checks numeric parameters which TOMOYO 2.2 didn't. This is one of reasons for policy incompatibility between TOMOYO 2.2 and TOMOYO 2.3 . You may specify 0-0xFFFFFFFF for mode, major, minor, cmd, uid, gid fields. But restarting from scratch is better due to another reason for policy incompatibility. TOMOYO 2.2 by default uses "pathnames with symbolic links solved" for "allow_execute" keyword and domainname definitions. You can use "alias" keyword for letting TOMOYO use "symbolic link's pathnames". TOMOYO 2.3 by default uses "symbolic link's pathnames" for "allow_execute" keyword and domainname definitions. You can use "aggregator" keyword for letting TOMOYO use "arbitrary names". > What about .36 / Tomoyo 2.3? > - install newest 2.3 tools > - install new kernel > - execute /usr/lib/tomoyo/init_policy > - reboot with kernel .36 > >Is it possible to load my old policy (with use_profile 2) now? Starting >from scratch again would be a nightmare. Since pathname used for "allow_execute" keyword and domainname definitions is different between TOMOYO 2.2 and TOMOYO 2.3 , I think starting from scratch is easier. Please be sure to remove (or rename) /etc/tomoyo/ before running /usr/lib/tomoyo/init_policy . Regards.
TOMOYO
Fork